search

googlesamples / android-play-safetynet

Samples for the Google SafetyNet Attestation API
Apache License 2.0
287 stars 133 forks source link

Error: A certificate chain could not be built to a trusted root authority #22

Open rooglemon opened 5 years ago

rooglemon commented 5 years ago

Hi Team, 

Our internal servers throw this below errors on "  if (!securityKey.Certificate.Verify())" certificate validation.
[Chain error: PartialChain A certificate chain could not be built to a trusted root authority.
Chain error: RevocationStatusUnknown The revocation function was unable to check revocation for the certificate.
Chain error: OfflineRevocation The revocation function was unable to check revocation because the revocation server was offline.
]

Same code works on the local machine and some other servers. After investigation, we found that our firewall is blocking the external communication to one of the google url like "any-in-201d.1e100.net" to validate CRL(Certificate Revocation List).

This url and Ip is not constant and our IT team requesting the IP range so that, we can whitelist the IP range on firewall. Please help US ASAP. It is affecting our business at this time.

Thanks,

sk-404 commented 4 years ago

Hi, have you found a solution yet? Exact same issue here.